Live feed and video recordings from security cameras were accessible to Ring employees

Highlights

Ring employees had access to a camera’s live feed

All recorded videos were stored in an unencrypted form

A database linking videos to customers was also created

In an era in which there is no dearth of conspiracies and reports of governments allegedly trying to covertly spy on citizen, a rather unsettling piece of news regarding unchecked mass surveillance has emerged from the house of Amazon. Ring security cameras, which are made by an Amazon-owned company and can be installed on doorbells, garages, and bookshelves, reportedly gave unrestricted access to the camera feed and video recordings of a customer's home and property to the company's research and development team and a small bunch of other employees as well.

Yes, it is a brazen violation of privacy but unfortunately, that's just one half of the story. Aside from letting Ring employees have an unhindered look at every customer's personal life, the video files were stored in an unencrypted form on an Amazon cloud database that could be accessed with relative ease. People familiar with the company's borderline illegal activity told The Intercept that members of Ring's R&D team had unrestricted access to an Amazon cloud container which contained every single video recorded by a Ring security camera across the globe.

The Intercept's source revealed that not only were the video recordings were easily accessible, downloading and sharing them would have required no more than a few clicks. In addition to the videos, Ring's team also had access to the data which linked each video to the customer who purchased one of the cameras. Members of the R&D team even teased each other regarding the person they brought home after a date, since they could access the feed from their colleagues' security cameras too.

In addition to the R&D personnel, some of Ring's US-based engineers and executives also had access to live feed from customers' security cameras, even if their job had nothing to do with accessing those recordings. Alarmingly, a customer's email address was all that was needed to see the live feed from a Ring security camera installed in their home. Ring, which was purchased by Amazon for over $1 billion in February last year, reportedly refrained from storing the videos in an encrypted form because encryption would cost a pretty penny to implement and it would also cause the company to lose some revenue opportunities. The report's source, however, added that Ring's R&D team did not indulge in any wrongdoings with the data they had at their disposal.

Also, the company reportedly used those videos for training the in-house object and facial recognition software. But since creating an AI model from scratch to do so would be an expensive and time-consuming process, Ring instead employed human operators to manually label objects in a feed for training the software. While Amazon's ultimate goal with Ring's acquisition was to reportedly lay the foundations of a connected home ecosystem powered by Alexa and then capitalise on the demand, Amazon is also reportedly working on a project to help identify ‘suspicious' people by creating a database of images captured using such cameras.

One can classify Amazon's ambitions associated with Ring as opportunistic or benevolent. But the bigger picture here - if the report is true - is that an Amazon-owned company granted employees unrestricted access to customer's personal lives through security cameras, and that is tantamount to a huge violation of privacy that needs to be questioned on multiple grounds.